コード例 #1
ファイル: session.php プロジェクト: csnxs/disciple
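 /**
  * Look up one row of `users` and return it as an object.
  *
  * When called with no argument (or 0) by a logged-in visitor, the id is taken
  * from $_SESSION['id']. When no id is given and nobody is logged in, null is
  * returned without touching the database.
  *
  * If the row for the *current session user* no longer exists, the visitor is
  * redirected to /logout?accdel and the request ends here, so callers never
  * continue on behalf of a deleted account.
  *
  * @param int|string $_id User id; 0 means "the current session user".
  * @return object|null The row as returned by fetch_object(), or null when
  *                     there is nothing to look up or the query failed.
  */
 function user_info($_id = 0)
 {
     $authed = is_authed();
     $id = $_id;
     if ($_id == 0 && $authed) {
         $id = $_SESSION['id'];
     }
     if (!$authed && $id == 0) {
         return null;
     }
     // The id is spliced into the SQL text below. Forcing it to an integer
     // means a caller-supplied string can never change the statement.
     $id = (int) $id;
     $uinfq = getsql()->query("SELECT * FROM `users` WHERE `id`=" . $id);
     if (!$uinfq) {
         return null;
     }
     // Make sure to destroy our session if this user doesn't exist anymore.
     // isset() keeps the comparison quiet for visitors without a session id.
     if ($uinfq->num_rows == 0 && isset($_SESSION['id']) && $id == $_SESSION['id']) {
         Header("Location: /logout?accdel");
         // A Location header alone does not stop the script; without this the
         // caller would go on rendering (and dereference a null result).
         exit;
     }
     return $uinfq->fetch_object();
 }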
コード例 #2
ファイル: wads.php プロジェクト: csnxs/disciple
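 /**
  * Echo the HTML table of uploaded WADs, newest first.
  *
  * Each row shows the file link, size, uploader name and upload time. Logged-in
  * viewers additionally get a delete link on their own uploads; viewers whose
  * userlevel is at least UL_ADMINISTRATOR get delete and ban/unban links on
  * every row.
  *
  * Values read from the database (file name, uploader name, size) are
  * HTML-escaped before they are written into the page, and the values placed
  * in SQL text are constrained to an integer / a 32-digit hex string first.
  *
  * @param int $limit Maximum number of rows to list; 0 or less lists all.
  * @return void
  */
 function display_wad_table($limit = 0)
 {
     echo "\n<table>\n\t<tr>\n\t\t<th></th>\n\t\t<th>File</th>\n\t\t<th>Size</th>\n\t\t<th>Uploaded by</th>\n\t\t<th>Date and time</th>\n\t\t<th>MD5</th>\n\t</tr>\n";
     $db = getsql();
     // $limit ends up inside the SQL text, so only an integer may reach it.
     $limit = (int) $limit;
     $limitstring = '';
     if ($limit > 0) {
         $limitstring = " LIMIT {$limit}";
     }
     $q = $db->query("SELECT * FROM `wads` ORDER BY `time` DESC {$limitstring}");
     if (!$q) {
         // Query failed: close the table that was opened above and stop.
         echo "</table>";
         return;
     }
     if ($q->num_rows < 1) {
         // Close the table before the notice; the original left it open and
         // put the <div> inside it.
         echo "</table>";
         echo "\n<div id='serversbox'>\n\t<div style='width: 100%; text-align: center'>\n\t\tThere are no WADs uploaded yet.\n\t\t";
         if (is_authed()) {
             echo "\n\t\t<br />\n\t\tFeel free to upload one from the main WADs page.\n\t\t";
         }
         echo "\n\t</div>\n</div>\n\t\t\t\t\t";
         return;
     }
     // The viewer does not change between rows, so resolve it once instead of
     // running the user lookup several times per row.
     $authed = is_authed();
     $viewer = $authed ? user_info() : null;
     $is_admin = is_object($viewer) && $viewer->userlevel >= UL_ADMINISTRATOR;
     $esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;
     while ($o = $q->fetch_object()) {
         // The id is written into element ids and javascript: URLs.
         $id = (int) $o->id;
         $size = human_filesize(filesize(disciple_json()->serverdata . '/wads/' . $o->filename));
         $uploader = $o->uploader;
         // The uploader's account may have been removed since the upload.
         $uploader_row = user_info($uploader);
         $uploader_name = is_object($uploader_row) ? $uploader_row->username : '';
         $time = date('Y-m-d \\a\\t H:i:s', (int) $o->time);
         // Escape everything that originates from user-controlled columns.
         $filename_text = htmlspecialchars($o->filename, $esc_flags, 'UTF-8');
         $filename_href = htmlspecialchars(rawurlencode($o->filename), $esc_flags, 'UTF-8');
         $uploader_text = htmlspecialchars($uploader_name, $esc_flags, 'UTF-8');
         $size_text = htmlspecialchars((string) $size, $esc_flags, 'UTF-8');
         echo "\n<tr id='wadrow-{$id}'>\n\t<td>\n";
         if ($authed) {
             if ($is_admin || $uploader == $_SESSION['id']) {
                 echo "<a href='javascript:deleteWad({$id});' title='Delete'><i class='material-icons'>delete</i></a>";
             }
             if ($is_admin) {
                 // Only a well-formed MD5 is allowed into the SQL text; any
                 // other stored value is treated as "not banned".
                 $md5 = (string) $o->md5;
                 $banned = false;
                 if (preg_match('/\A[0-9a-f]{32}\z/i', $md5)) {
                     $ban_q = $db->query("SELECT * FROM `wadbans` WHERE `md5`='" . $md5 . "'");
                     $banned = $ban_q && $ban_q->num_rows != 0;
                 }
                 if (!$banned) {
                     echo "<a href='javascript:banWad({$id});' title='Ban'><i class='material-icons'>not_interested</i></a>";
                 } else {
                     echo "<a href='javascript:unbanWad({$id});' title='Unban'><i class='material-icons'>done</i></a>";
                 }
             }
         }
         echo "\n</td>\n<td><a href='/wads/{$filename_href}'>{$filename_text}</a></td>\n<td>{$size_text}</td>\n<td>{$uploader_text}</td>\n<td>{$time}</td>\n<td id='wadmd5-{$id}'><a href='javascript:wadMd5({$id});'>Show</a></td>\n</tr>\n";
     }
     echo "</table>";
 }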
コード例 #3
ファイル: wads.php プロジェクト: csnxs/disciple
<?php

include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include dirname(dirname(dirname(__FILE__))) . '/common/session.php';
include 'apishared.php';
// A list of MD5s for all known commercial
// IWADs.
// The upload branch below compares the hash of an uploaded file against this
// list. A few hashes appear more than once; that is harmless for a membership
// test.
$iwadmd5 = array('740901119ba2953e3c7f3764eca6e128', 'b6afa12a8b22e2726a8ff5bd249223de', '9c877480b8ef33b7074f1f0c07ed6487', '049e32f18d9c9529630366cfc72726ea', '981b03e6d1dc033301aa3095acc437ce', '792fd1fea023d61210857089a7c1e351', '54978d12de87f162b9bcc011676cb3c0', '11e1cd216801ea2657723abc86ecb01f', '1cd63c5ddff1bf8ce844237f580e9cf3', 'c4fe9fd920207691a9f493668e0a2083', 'e4f120eab6fb410a5b6e11c947832357', '0c8758f102ccafe26a3040bee8ba5021', '72286ddc680d47b9138053dd944b2a3d', 'fb35c4a5a9fd49ec29ab6e900572c524', '7912931e44c7d56e021084a256659800', '3e410ecd27f61437d53fa5c279536e88', '30e3c2d0350b67bfbf47271970b74b2f', 'd9153ced9fd5b898b36cc5844e35b520', 'ea74a47a791fdef2e9f2ea8b8a9da13b', 'd7a07e5d3f4625074312bc299d7ed33f', 'c236745bb01d89bbb866c8fed81b6f8c', '3cb02349b3df649c86290907eed64e7b', '25e1459ca71d321525f84628f45ca8cd', 'a793ebcdd790afad4a1f39cc39a893bd', '43c2df32dc6c740cb11f34dc5ab693fa', 'c3bea40570c23e511a7ed3ebcd9865f7', 'f617591a6c5d07037eb716dc4863e26b', '43c2df32dc6c740cb11f34dc5ab693fa', 'a793ebcdd790afad4a1f39cc39a893bd', '4c3db5f23b145fccd24c9b84aba3b7dd', '9640fc4b2c8447bbd28f2080725d5c51', '75c8cf89566741fa9d22447604053bd7', '3493be7e1e2588bc9c8b31eab2587a04', 'b77ca6a809c4fae086162dad8e7a1335', '4e158d9953c79ccf97bd0663244cc6b6', '1d39e405bf6ee3df69a8d2646c8d5c49', 'be626c12b7c9d94b1dfb9c327566b4ff', '3117e399cdb4298eaa3941625f4b2923', '1e4cb4ef075ad344dd63971637307e04', '66d686b1ed6d35ff103f15dbd30e0341', '66d686b1ed6d35ff103f15dbd30e0341', 'c88a2bb3d783e2ad7b599a8e301e099e', 'b2543a03521365261d0a0f74d5dd90f0', 'abb033caf81e26f12a2103e1fa25453f', 'b68140a796f6fd7f3a5d3226a32b93be', '1077432e2690d390c256ac908b5f4efa', '78d5898e99e220e4de64edaa0e479593', '8f2d3a6a289f5d2f2f9c1eec02b47299', '2fed2031a5b03892106e0f117f17901f', '25485721882b050afa96a56e5758dd52');
// 'fn' selects the API action. api_checkarg_post() is defined outside this
// listing (presumably apishared.php); what it validates is not visible here.
$call = api_checkarg_post('fn');
if ($call == 'upload') {
    // Uploads are only accepted from a logged-in session.
    if (is_authed()) {
        // A request body with an empty $_POST is what PHP hands over when the
        // body exceeded post_max_size, so this is reported as "file too big".
        // NOTE(review): $fn has not been assigned at this point in the visible
        // code, so the `toobig` parameter is always empty.
        if (intval($_SERVER['CONTENT_LENGTH']) > 0 && count($_POST) === 0) {
            Header("Location: /wads?toobig=" . $fn);
            exit;
        }
        if (isset($_POST['doup'])) {
            // NOTE(review): no check of $_FILES['file']['error'] or
            // is_uploaded_file() appears in this part of the script; confirm
            // one exists before the file is moved into place.
            $target_dir = data_dir('/wads/');
            // basename() drops any client-supplied directory part.
            $fn = basename($_FILES['file']['name']);
            $ext = pathinfo($fn, PATHINFO_EXTENSION);
            // The stem is reduced to [a-zA-Z0-9_.-] and the extension is
            // re-attached as sent; only the allow-list below constrains it.
            // Dots survive in the stem (e.g. `a.b.wad`), so the upload
            // directory should never be served through a script handler.
            $fn = preg_replace('/[^a-zA-Z0-9_\\-\\.]+/', '', pathinfo($fn, PATHINFO_FILENAME)) . '.' . $ext;
            $target_file = $target_dir . $fn;
            $uploadOk = 1;
            $tmploc = $_FILES['file']['tmp_name'];
            $lext = strtolower($ext);
            // Extension allow-list, case-insensitive: wad, pk3, pk7.
            // NOTE(review): $ext is client-controlled and is placed in the
            // Location header unencoded; rawurlencode() it.
            if (!($lext == 'wad' || $lext == 'pk3' || $lext == 'pk7')) {
                Header("Location: /wads?badext={$ext}");
                exit;
            }
            // Hash of the uploaded temp file, to be matched against $iwadmd5.
            // An MD5 match only recognises byte-identical copies, so this is a
            // courtesy filter rather than a content control.
            $md5 = md5_file($tmploc);
            // NOTE(review): in_array() is called without its haystack; the
            // intended call is presumably in_array($md5, $iwadmd5, true). As
            // written, PHP 8 throws ArgumentCountError and older versions warn
            // and return null, so the IWAD rejection never triggers.
            if (in_array($md5)) {
                Header("Location: /wads?iwad");
コード例 #4
ファイル: feature.php プロジェクト: danielheyman/EazySubs
<?php

include 'init.php';
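// Visitors without a session are sent back to index.php.
if (!is_authed()) {
    ?>
<script type='text/javascript'>
window.location = 'index.php';
</script>
<?php 
    // The redirect above runs only in the browser and can simply be ignored
    // by the client. Stop here so none of the account data below is queried
    // or rendered for an unauthenticated request.
    exit;
}
// Optional feature selector from the query string; it stays unset when the
// parameter is absent.
if (isset($_GET['f'])) {
    $f = $_GET["f"];
}
$username = $_SESSION['username'];
include 'info.php';
?>


    <div style="text-align:center;" id="content">

<?php 
// NOTE(review): the username literal in this query appears masked in the
// listing. If the real code interpolates $username into the SQL text, bind it
// as a parameter instead. The mysql_* extension used here was removed in
// PHP 7; a port to mysqli or PDO prepared statements covers both points.
$query = "select * from user where username='******'";
$result = mysql_query($query);
$row = mysql_fetch_array($result);
// Referral counters of the account row, copied into locals for the template.
$reffered = $row['reffered'];
$viewRefPoints = $row['viewRefPoints'];
$subRefPoints = $row['subRefPoints'];
$likeRefPoints = $row['likeRefPoints'];
$commentRefPoints = $row['commentRefPoints'];
$watchRefPoints = $row['watchRefPoints'];
$refPoints = $row['refPoints'];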
コード例 #5
ファイル: displayOpenForum.php プロジェクト: reinfurt/MOLLYS
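/**
 * Render the discussion forum for a page and, for action "post", store the
 * submitted message first.
 *
 * Depending on $action and $id the function echoes one of: the form for
 * writing a message ("write"), a confirmation after storing one ("post"), a
 * single message with previous/next navigation (no action, $id differs from
 * the forum object), or the list of all messages (no action or "viewall" when
 * $id is the forum object).
 *
 * Security-relevant behaviour:
 *  - every value placed in SQL text is passed through
 *    mysql_real_escape_string() at the point where the statement is built;
 *  - request-derived values written into the form and into links ($reply,
 *    $userName, $id, $idFull) are HTML-escaped or URL-encoded;
 *  - storing a message requires is_authed(), the same condition the "write"
 *    form already applies.
 *
 * Sets the globals $posts and $currentId; reads $currentIdIndex, which
 * systemForumMapper() is expected to fill in (TODO confirm, it is defined
 * outside this function).
 *
 * @param string $pageName Base name of the page used when building links.
 * @param string $name1    Subject of the submitted message.
 * @param string $deck     "From" field of the submitted message.
 * @param string $body     Text of the submitted message.
 * @param string $id       Id, or comma-separated id path, of the selected object.
 * @param string $action   "", "write", "post" or "viewall".
 * @param string $submit   Unused.
 * @param string $idFull   Comma-separated id path; its first part is the parent
 *                         under which the forum object is looked up.
 * @param string $idBase   Id path passed (prefixed with "0,") to systemForumMapper().
 * @param string $reply    Subject being replied to; pre-fills the subject field.
 * @param string $userName Pre-fills the "From" field.
 * @return void
 */
function displayOpenForum($pageName = 'discuss', $name1, $deck, $body, $id, $action, $submit, $idFull, $idBase, $reply, $userName)
{
    global $childObject;
    global $posts;
    global $currentId;
    global $currentIdIndex;
    $currentId = $id;
    $posts = array();
    // The original appended to $html without ever initialising it.
    $html = '';
    $idFullAttr = htmlspecialchars((string) $idFull, ENT_QUOTES);
    $loginPrompt = "Please <a href='" . $pageName . ".html?user=login'>LOG IN</a> or <a href='" . $pageName . ".html?user=register'>REGISTER</a> to post messages in the Discussion Forum.";
    // Parse $idFull to get $idPath
    $idsFull = explode(",", $idFull);
    $idPath = count($idsFull) > 1 ? $idsFull[0] : '0';
    //  Find "Forum" object
    $sql = "SELECT objects.id AS objectsId FROM wires, objects ";
    $sql .= "WHERE wires.fromid = '" . mysql_real_escape_string((string) $idPath) . "' AND wires.toid = objects.id AND objects.name1 LIKE 'Discussion Forum' ";
    $sql .= "AND wires.active = 1 AND objects.active = 1 ";
    $sql .= "ORDER BY objects.created DESC LIMIT 1";
    $res = mysql_query($sql);
    $row = $res ? mysql_fetch_array($res) : false;
    $obj = $row ? $row["objectsId"] : null;
    //  Post a message
    $postAccepted = false;
    if ($action == "post") {
        if (is_authed()) {
            // Work on the raw submitted text: undo magic quotes when they are
            // active and escape once, where the SQL is built. The original
            // relied on addslashes() before textFilter() ran.
            if (get_magic_quotes_gpc()) {
                $name1 = stripslashes($name1);
                $deck = stripslashes($deck);
                $body = stripslashes($body);
            }
            //  Process variables
            // Default the subject before adding the "_" marker; the original
            // tested after prefixing, so the default could never apply, and it
            // skipped the marker altogether when magic quotes were on.
            if (!$name1) {
                $name1 = "[No Subject]";
            }
            $name1 = "_" . $name1;
            $name1 = textFilter($name1);
            $deck = textFilter($deck);
            $body = textFilter($body);
            // NOTE(review): this echoes submitted text straight into the page
            // and looks like leftover debug output. It is safe only if
            // textFilter() neutralises HTML; confirm, or remove the line.
            echo "new!" . $body;
            //  Add object to database
            $now = date("Y-m-d H:i:s");
            $sql = "INSERT INTO objects (created, modified, name1, deck, body) ";
            $sql .= "VALUES ('" . $now . "', '" . $now . "', '" . mysql_real_escape_string($name1) . "', '" . mysql_real_escape_string($deck) . "', '" . mysql_real_escape_string($body) . "')";
            $res = mysql_query($sql);
            if ($res) {
                $insertId = mysql_insert_id();
                //  Add wire to database
                // Need to convert id to just get last part for messageId
                $explodedId = explode(",", $id);
                $messageId = $explodedId[count($explodedId) - 1];
                $sql = "INSERT INTO wires (created, modified, fromid, toid) ";
                $sql .= "VALUES('" . $now . "', '" . $now . "', '" . mysql_real_escape_string((string) $messageId) . "', '" . mysql_real_escape_string((string) $insertId) . "')";
                $res = mysql_query($sql);
            }
            $postAccepted = true;
        } else {
            // Same gate as the "write" form: only logged-in users may post.
            echo $loginPrompt;
        }
        $id = null;
        // THIS $id?
    }
    //  Write a message
    if ($action == "write") {
        if (is_authed()) {
            $html2 = "You are posting a message to the Discussion Forum.<br />";
            $html2 .= "<a href='" . $pageName . ".html?action=viewall'>View All Messages</a><br /><br />";
            $html2 .= "<br />";
            $html2 .= "<table cellpadding='0' cellspacing='0' border='0'>";
            $html2 .= "<form enctype='multipart/form-data' action='" . $pageName . ".html?action=post' method='post' style='margin: 0; padding: 0;'>";
            $html2 .= "<tr><td width='90'>Subject&nbsp; </td>";
            $html2 .= "<td><textarea name='name1' cols='50' rows='1'>";
            // Add Re: if replying. Will need to get the previous object that you are replying to... ** IN PROCESS **
            // $reply arrives via the query string, so it is escaped before it
            // is written into the form.
            if ($reply) {
                $html2 .= "\nRe: " . htmlspecialchars((string) $reply, ENT_QUOTES);
            }
            $html2 .= "</textarea></td></tr>";
            $html2 .= "<tr><td>From&nbsp; </td>";
            $html2 .= "<td><textarea name='deck' cols='50' rows='1'>" . htmlspecialchars((string) $userName, ENT_QUOTES) . "</textarea></td></tr>";
            $html2 .= "<tr><td style='vertical-align: top;'>Message&nbsp; </td>";
            $html2 .= "<td><textarea name='body' cols='50' rows='40'></textarea></td></tr>";
            $html2 .= "<tr><td><!--  --></td>";
            $html2 .= "<td><br />";
            $html2 .= "<input name='id' type='hidden' value='" . htmlspecialchars((string) $id, ENT_QUOTES) . "' />";
            $html2 .= "<input name='action' type='hidden' value='post' />";
            $html2 .= "<input name='submit' type='submit' value='Post Message' />";
            $html2 .= "</form></td></tr>";
            $html2 .= "</table>";
            // These are all of the variables which are posted here in this form
            // These must be passed in from the page that uses this function
            // $name1, $deck, $body, $id, $action, $submit
            echo $html2;
        } else {
            echo $loginPrompt;
        }
    }
    //  View message selected
    if ($id != $obj) {
        $idBasePad = "0," . $idBase;
        systemForumMapper($idBasePad, 10, TRUE);
        $postOlderIndex = $currentIdIndex < 2 ? 1 : $currentIdIndex - 1;
        $postNewerIndex = $currentIdIndex > count($posts) - 2 ? count($posts) - 1 : $currentIdIndex + 1;
        // $posts may hold fewer entries than the computed indexes assume.
        $postNewer = isset($posts[$postNewerIndex]) ? $posts[$postNewerIndex] : '';
        $postOlder = isset($posts[$postOlderIndex]) ? $posts[$postOlderIndex] : '';
        //  Get selected "Forum" object
        $sql = "SELECT * FROM objects WHERE id = '" . mysql_real_escape_string((string) $id) . "' AND objects.active = 1 LIMIT 1";
        $res = mysql_query($sql);
        $row = $res ? mysql_fetch_array($res) : false;
        if (!$action) {
            $storedName = $row ? (string) $row['name1'] : '';
            // Account for "_" which is at the beginning of each open record
            $nameDisplay = substr($storedName, 0, 1) == "_" ? substr($storedName, 1) : '';
            // Subject for the reply link, computed once. The original appended
            // to the same variable for both navigation bars, which doubled the
            // subject in the second link.
            $replySubject = (string) substr($storedName, 1);
            // Navigation bar, shown above and below the message.
            // NOTE(review): the original wrapped the reply link in
            // `count($ids) < 2`, but $ids is never defined in this function,
            // so the link was always emitted; that is kept here.
            $nav = "<a href='" . $pageName . ".html?id=" . htmlspecialchars((string) $postOlder, ENT_QUOTES) . "'>Previous</a> / ";
            $nav .= "\n<a href='" . $pageName . ".html?action=viewall'>View All Messages</a> / ";
            $nav .= "<a href='" . $pageName . ".html?id=" . htmlspecialchars((string) $postNewer, ENT_QUOTES) . "'>Next</a>";
            $nav .= "\n<br />";
            $nav .= "\n<a href='" . $pageName . ".html?action=write&amp;id=" . $idFullAttr . "&amp;reply=" . rawurlencode($replySubject) . "'>Reply to this message</a>";
            $html .= $nav;
            $html .= "<br /><br />";
            // Write out the body of the selected message
            // NOTE(review): subject, "From" and body are written as stored.
            // That is safe only if textFilter() neutralised HTML when the row
            // was written and nothing else inserts into `objects`; confirm.
            $html .= "\n<table cellspacing='0' cellpadding='0'>";
            $html .= "\n<tr><td style='padding-right: 12px;'>Subject</td><td>" . $nameDisplay . "</td></tr>";
            $html .= "\n<tr><td style='padding-right: 12px;'>Date</td><td>" . date('j F Y H:i:s', strtotime($row ? $row['created'] : '')) . "</td></tr>";
            $html .= "\n<tr><td style='padding-right: 12px;'>From</td><td>" . ($row ? $row['deck'] : '') . "</td></tr>";
            $html .= "\n</table><br />";
            $html .= "\n" . nl2br($row ? $row['body'] : '') . "<br /><br />";
            $html .= $nav;
        }
        echo $html;
    }
    // Confirmation, only when the message was actually accepted above.
    if ($action == 'post' && $postAccepted) {
        $html3 = "You are posting to the Discussion Forum.<br />";
        $html3 .= "<a href='" . $pageName . ".html?action=viewall'>View All Messages</a><br /><br />";
        $html3 .= "Your message has been posted as of " . date('j F Y H:i:s') . "<br />";
        $html3 .= "Please <a href='" . $pageName . ".html'>click here to continue</a>...";
        echo $html3;
    }
    //  Show all messages
    if ($id == $obj && (!$action || $action == 'viewall')) {
        echo "You are viewing all posts in the Discussion Forum.<br /><br />";
        systemForumMapper($id, 10);
        echo "<br /><a href='" . $pageName . ".html?action=write&amp;id=" . $idFullAttr . "'>Post a new response to the essay</a><br/><br/>";
    }
}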
コード例 #6
ファイル: server.php プロジェクト: csnxs/disciple
<?php

include dirname(dirname(__FILE__)) . '/common/pages.php';
include dirname(dirname(__FILE__)) . '/common/config.php';
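// Only a logged-in user with a non-empty string `sid` gets past this point.
// is_string() also rejects the array form (?sid[]=...), which would otherwise
// reach the SQL text as the literal "Array".
if (!is_authed() || !isset($_GET['sid']) || !is_string($_GET['sid']) || empty($_GET['sid'])) {
    //Header("Location: /");
    exit;
}
$s = $_GET['sid'];
$db = getsql();
// The sid comes straight from the query string, so it is escaped before it is
// placed inside the quoted SQL literal.
// NOTE(review): this assumes getsql() returns a mysqli handle, as the
// ->query() call suggests; confirm, or switch to a prepared statement.
$q = $db->query(sprintf("SELECT * FROM `servers` WHERE `sid`='%s'", $db->real_escape_string($s)));
// NOTE(review): nothing visible here ties the selected server to the
// logged-in user; confirm that an ownership or role check exists before any
// management action is offered for this row.
?>

<?php 
sn_page_header('Manage Server');
?>
	<?php 
sn_page_start_container();
?>
		<h1>Manage Server</h1>
		<?php 
sn_page_cfooter();
?>
	<?php 
sn_page_end_container();
sn_page_footer();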